4

I have already written a php file that connects to the mysql database locally. Now, I want to connect to a remote database via SSH. Currently the connect function for my database is the following in php: 

$this->db = new mysqli(_SERVR_URL, _SERVR_USER , _SERVR_PASS, _SERVR_DB);
    if ($this->db->connect_errno) {
        echo "Failed to connect to MySQL: (" . $this->db->connect_errno . ") " . $this->db->connect_error;
    }
    else{
        //echo "Successfully connected!! <BR><BR>";
    }

I want to only change the connect function (above) so that the rest of the code still works. I have successfully installed the phpseclib and am not interested in installing php's ssh extensions because those were not working after nearly 5 hours of effort. The phpseclib is working, and I think this because when I use require it does not die.

However, when I try to start working with the ssh stuff, it throws a server error:

$ssh = new Net_SSH1(myURL);

The way that I usually SSH into my server is with a .pem file. Can I get some guidance on:

  1. Why the current code may be throwing an error?
  2. If this is possible.
  3. How would you write the connection code with the .pem file.
Lugubrious
  • 380
  • 1
  • 3
  • 16
  • duplicate http://stackoverflow.com/questions/309615/connect-to-a-mysql-server-over-ssh-in-php – kwarunek Aug 05 '13 at 23:58
  • 1
    It is not a duplicate. They did not need to use a .pem file and they did not ask specifically about the phpseclib library. – Lugubrious Aug 06 '13 at 00:00

2 Answers2

4

I think you are out of luck on this one. You can either use the ssh extension in your PHP code, or if you have access to the server, you could try to create a ssh tunnel on the command-line.

You probably need special permissions to do that, though. It also looks like you don't have ssh access to this hosting account.

duplicate answered by @jpm

Setting up tunneling posted by @Ólafur Waage on Connect to a MySQL server over SSH in PHP

And this one for tunneling by @Sosy

shell_exec(“ssh -f -L 3307:127.0.0.1:3306 user@remote.rjmetrics.com sleep 60 >> logfile”);  
$db = mysqli_connect(’127.0.0.1′, ‘sqluser’, ‘sqlpassword’, ‘rjmadmin’, 3307);
Community
  • 1
  • 1
kwarunek
  • 12,141
  • 4
  • 43
  • 48
  • EDIT: just saw your edit. Thanks for the help with the tunneling - is that actually safe to do? – Lugubrious Aug 06 '13 at 00:04
  • However, it could create some vulnerabilities, some system errors that can't be handled in php, it's matter alternatives vs. efforts vs. simplicity – kwarunek Aug 06 '13 at 00:08
  • My php script won't create the ssh tunnel, but when I make it in the terminal, the code will work for the specified time. Any reason why that would happen? – Lugubrious Aug 06 '13 at 17:51
  • check if shell_exec is false, check the logfile, inspect your php conf (safe_mode should be disabled), try maybe system() or exec(). – kwarunek Aug 06 '13 at 19:09
  • I have done these things - the stderror I get from the shell exec is: "Could not create directory '/Library/WebServer/.ssh'. Host key verification failed." I saw several stackoverflow posts about it but I am getting very wary of security flaws. I would be more inclined to accept an answer that had information about what was going on with phpseclib, which is much more secure. – Lugubrious Aug 06 '13 at 19:32
  • PHP's mysql extensions can't tunnel through PHP sockets. So unless you have a pure PHP mysql implementation (or want to rewrite the mysql extension) you're (unfortunately) out of luck :( – neubert Aug 09 '13 at 15:30
1

The mysql extension doesn't currently support this. Modifying the extension, itself, might not be that difficult, but at that point, it'd have to be a custom PECL extension, at best. The idea was discussed on the PHP Internals mailing list a while back:

http://comments.gmane.org/gmane.comp.php.devel/79520

neubert
  • 15,947
  • 24
  • 120
  • 212